CVE-2012-1854

Deferred
Published: 10 Jul 2012, 21:00
Last modified: 14 Apr 2026, 03:55

Vulnerability Summary

Overall Risk (default)
medium
33/100
CVSS Score
7.8 HIGH
v3.1 (nvd)
EPSS Score
10.07% MEDIUM
10% probability +8.71%
KEV
Listed
CISA
1 listing
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

10 Jul 2012, 21:00
Published
Vulnerability first disclosed
13 Apr 2026, 00:00
Added to CISA KEV
Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability
14 Apr 2026, 03:55
Last Modified
Vulnerability information updated
27 Apr 2026, 00:00
CISA Remediation Due
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.

CVSS Metrics

  • v3.1 HIGH Score: 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • v2.0 MEDIUM Score: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 10.07% Percentile: 93%

Techniques & Countermeasures

  • CWE-426 Untrusted Search Path

    The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Affected Systems

  • microsoft office

    2003:sp3 | 2007:sp2 | 2007:sp3 | 2010 | 2010:sp1
